Is there projects to improve this?
De : m...@netbsd.org À : yarl-bau...@mailoo.org Sujet : Re: pkgsrc binary packages security with pkgin Date : 25/01/2020 23:11:25 Europe/Paris Copie à : netbsd-users@netbsd.org On Sat, Jan 25, 2020 at 01:34:34AM +0100, yarl-bau...@mailoo.org wrote: > Hello, > > May I ask how is safe the use pkgsrc binary packages. For example using > pkgin. Does libfetch is doing fine with https? Any thoughts? > > Is the authenticity and integrity of packages installed this way is > guaranteed assuming no bugs in software involved? No. > > Is it safer to compile by yourself? Yes. This is a very unfortunate case.